author | djm@openbsd.org <djm@openbsd.org> | 2019-10-31 21:16:20 +0000 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2019-11-01 09:46:09 +1100 |
commit | ed3467c1e16b7396ff7fcf12d2769261512935ec (patch) | |
tree | b70d41447c71e9b9be17361a305298692f32c6d4 /ssh-sk.h | |
parent | 02bb0768a937e50bbb236efc2bbdddb1991b1c85 (diff) |
upstream: U2F/FIDO middleware interface
Supports enrolling (generating) keys and signatures.
feedback & ok markus@
OpenBSD-Commit-ID: 73d1dd5939454f9c7bd840f48236cba41e8ad592
Diffstat (limited to 'ssh-sk.h')
-rw-r--r-- | ssh-sk.h | 49 |
1 files changed, 49 insertions, 0 deletions
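diff --git a/ssh-sk.h b/ssh-sk.h
new file mode 100644
index 000000000..7c1d2b927
--- /dev/null
+++ b/ssh-sk.h
@@ -0,0 +1,49 @@
+/* $OpenBSD: ssh-sk.h,v 1.1 2019/10/31 21:16:20 djm Exp $ */
+/*
+* Copyright (c) 2019 Google LLC
+*
+* Permission to use, copy, modify, and distribute this software for any
+* purpose with or without fee is hereby granted, provided that the above
+* copyright notice and this permission notice appear in all copies.
+*
+* THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+* WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+* MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+* ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+* WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+* ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+* OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+*/
+
+#ifndef _SSH_SK_H
+#define _SSH_SK_H 1
+
+struct sshbuf;
+struct sshkey;
+
+/*
+* Enroll (generate) a new security-key hosted private key via the specified
+* provider middleware.
+* If challenge_buf is NULL then a random 256 bit challenge will be used.
+*
+* Returns 0 on success or a ssherr.h error code on failure.
+*
+* If successful and the attest_data buffer is not NULL then attestation
+* information is placed there.
+*/
+int sshsk_enroll(const char *provider_path, const char *application,
+uint8_t flags, struct sshbuf *challenge_buf, struct sshkey **keyp,
+struct sshbuf *attest);
+
+/*
+* Calculate an ECDSA_SK signature using the specified key and provider
+* middleware.
+*
+* Returns 0 on success or a ssherr.h error code on failure.
+*/
+int sshsk_ecdsa_sign(const char *provider_path, const struct sshkey *key,
+u_char **sigp, size_t *lenp, const u_char *data, size_t datalen,
+u_int compat);
+
+#endif /* _SSH_SK_H */
+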
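Review bot: The sshsk_enroll() comment refers to an `attest_data` buffer, but the prototype names that parameter `attest`; one of the two should be renamed so the contract is unambiguous. Neither comment says who owns the outputs. `*keyp` and `*sigp`/`*lenp` are presumably allocated by the callee, so each comment should say that the caller frees them and what they hold when a ssherr.h error is returned. The enroll comment covers only the NULL case for `challenge_buf`; it should also state what length or content is accepted when the caller supplies a challenge, and what the bits of `flags` mean. Since `provider_path` names middleware that is presumably loaded into the calling process (the implementation is not visible here), a line such as `provider_path must come from trusted configuration, never from the peer` would be worth adding to both comments.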